site/_data/config/proxy.yaml - pulsar - Git at Google

 #
 # Licensed to the Apache Software Foundation (ASF) under one
 # or more contributor license agreements.  See the NOTICE file
 # distributed with this work for additional information
 # regarding copyright ownership.  The ASF licenses this file
 # to you under the Apache License, Version 2.0 (the
 # "License"); you may not use this file except in compliance
 # with the License.  You may obtain a copy of the License at
 #
 #   http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing,
 # software distributed under the License is distributed on an
 # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 # KIND, either express or implied.  See the License for the
 # specific language governing permissions and limitations
 # under the License.
 #

 configs:
 - name: zookeeperServers
   description: The ZooKeeper quorum connection string (as a comma-separated list)
 - name: configurationStoreServers
   description: Configuration store connection string (as a comma-separated list)
 - name: zookeeperSessionTimeoutMs
   default: 30000
   description: ZooKeeper session timeout (in milliseconds)
 - name: servicePort
   default: 6650
   description: The port to use for server binary Protobuf requests
 - name: servicePortTls
   default: 6651
   description: The port to use to server binary Protobuf TLS requests
 - name: statusFilePath
   description: Path for the file used to determine the rotation status for the proxy instance when responding to service discovery health checks
 - name: authenticationEnabled
   default: "false"
   description: Whether authentication is enabled for the Pulsar proxy
 - name: authenticationProviders
   description: Authentication provider name list (a comma-separated list of class names)
 - name: authorizationEnabled
   default: "false"
   description: Whether authorization is enforced by the Pulsar proxy
 - name: authorizationProvider
   default: org.apache.pulsar.broker.authorization.PulsarAuthorizationProvider
   description: Authorization provider as a fully qualified class name
 - name: brokerClientAuthenticationPlugin
   description: The authentication plugin used by the Pulsar proxy to authenticate with Pulsar brokers
 - name: brokerClientAuthenticationParameters
   description: The authentication parameters used by the Pulsar proxy to authenticate with Pulsar brokers
 - name: brokerClientTrustCertsFilePath
   description: The path to trusted certificates used by the Pulsar proxy to authenticate with Pulsar brokers
 - name: superUserRoles
   description: Role names that are treated as "super-users," meaning that they will be able to perform all admin
 - name: forwardAuthorizationCredentials
   default: "false"
   description: Whether client authorization credentials are forwared to the broker for re-authorization. Authentication must be enabled via `authenticationEnabled=true` for this to take effect.
 - name: maxConcurrentInboundConnections
   default: 10000
   description: Max concurrent inbound connections. The proxy will reject requests beyond that.
 - name: maxConcurrentLookupRequests
   default: 10000
   description: Max concurrent outbound connections. The proxy will error out requests beyond that.
 - name: tlsEnabledInProxy
   default: "false"
   description: Whether TLS is enabled for the proxy
 - name: tlsEnabledWithBroker
   default: "false"
   description: Whether TLS is enabled when communicating with Pulsar brokers
 - name: tlsCertificateFilePath
   description: Path for the TLS certificate file
 - name: tlsKeyFilePath
   description: Path for the TLS private key file
 - name: tlsTrustCertsFilePath
   description: Path for the trusted TLS certificate pem file
 - name: tlsHostnameVerificationEnabled
   default: "false"
   description: Whether the hostname is validated when the proxy creates a TLS connection with brokers
 - name: tlsRequireTrustedClientCertOnConnect
   default: "false"
   description: Whether client certificates are required for TLS. Connections are rejected if the client certificate isn't trusted.
	#
	# Licensed to the Apache Software Foundation (ASF) under one
	# or more contributor license agreements. See the NOTICE file
	# distributed with this work for additional information
	# regarding copyright ownership. The ASF licenses this file
	# to you under the Apache License, Version 2.0 (the
	# "License"); you may not use this file except in compliance
	# with the License. You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing,
	# software distributed under the License is distributed on an
	# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	# KIND, either express or implied. See the License for the
	# specific language governing permissions and limitations
	# under the License.
	#

	configs:
	- name: zookeeperServers
	description: The ZooKeeper quorum connection string (as a comma-separated list)
	- name: configurationStoreServers
	description: Configuration store connection string (as a comma-separated list)
	- name: zookeeperSessionTimeoutMs
	default: 30000
	description: ZooKeeper session timeout (in milliseconds)
	- name: servicePort
	default: 6650
	description: The port to use for server binary Protobuf requests
	- name: servicePortTls
	default: 6651
	description: The port to use to server binary Protobuf TLS requests
	- name: statusFilePath
	description: Path for the file used to determine the rotation status for the proxy instance when responding to service discovery health checks
	- name: authenticationEnabled
	default: "false"
	description: Whether authentication is enabled for the Pulsar proxy
	- name: authenticationProviders
	description: Authentication provider name list (a comma-separated list of class names)
	- name: authorizationEnabled
	default: "false"
	description: Whether authorization is enforced by the Pulsar proxy
	- name: authorizationProvider
	default: org.apache.pulsar.broker.authorization.PulsarAuthorizationProvider
	description: Authorization provider as a fully qualified class name
	- name: brokerClientAuthenticationPlugin
	description: The authentication plugin used by the Pulsar proxy to authenticate with Pulsar brokers
	- name: brokerClientAuthenticationParameters
	description: The authentication parameters used by the Pulsar proxy to authenticate with Pulsar brokers
	- name: brokerClientTrustCertsFilePath
	description: The path to trusted certificates used by the Pulsar proxy to authenticate with Pulsar brokers
	- name: superUserRoles
	description: Role names that are treated as "super-users," meaning that they will be able to perform all admin
	- name: forwardAuthorizationCredentials
	default: "false"
	description: Whether client authorization credentials are forwared to the broker for re-authorization. Authentication must be enabled via `authenticationEnabled=true` for this to take effect.
	- name: maxConcurrentInboundConnections
	default: 10000
	description: Max concurrent inbound connections. The proxy will reject requests beyond that.
	- name: maxConcurrentLookupRequests
	default: 10000
	description: Max concurrent outbound connections. The proxy will error out requests beyond that.
	- name: tlsEnabledInProxy
	default: "false"
	description: Whether TLS is enabled for the proxy
	- name: tlsEnabledWithBroker
	default: "false"
	description: Whether TLS is enabled when communicating with Pulsar brokers
	- name: tlsCertificateFilePath
	description: Path for the TLS certificate file
	- name: tlsKeyFilePath
	description: Path for the TLS private key file
	- name: tlsTrustCertsFilePath
	description: Path for the trusted TLS certificate pem file
	- name: tlsHostnameVerificationEnabled
	default: "false"
	description: Whether the hostname is validated when the proxy creates a TLS connection with brokers
	- name: tlsRequireTrustedClientCertOnConnect
	default: "false"
	description: Whether client certificates are required for TLS. Connections are rejected if the client certificate isn't trusted.